Encrypt And Decrypt Data In Node.js With The Crypto Library

As you’ve probably noticed from the previous few articles, I’ve been doing a lot of development around cryptocurrency wallets using Node.js. Up until now, I’ve only been writing about interacting with different currencies. However, I haven’t discussed how to safely store your wallet information.

When it comes to storing anything sensitive, whether it be cryptocurrency secrets or something else, you must do so safely and securely. For example, the data must be encrypted at rest and decrypted when used.

We’re going to see how to encrypt data with a passphrase using Node.js and decrypt it using that same passphrase when necessary.

Creating a New Node.js Project with Crypto Dependencies

To keep this example simple, we’re going to create a fresh project to work with. Somewhere on your computer, execute the following command:

npm init -y

The above command will create a new package.json file and initialize our project. We’re going to be making use of the Node.js Crypto library for any and all cipher and decipher logic.

To install the dependency, execute the following from the command line:

npm install crypto --save

Finally, we need somewhere within our project to add code. For project cleanliness, we’re going to create a custom class for all encryption and decryption and a driver file that will instantiate our class.

Within your project, create the following two files:

touch safe.js
touch app.js

If you’re using an operating system that doesn’t have the touch command, create the above files manually. With these two files created, we can focus on the development of our application.

Encrypting and Decrypting Data with an AES Cipher Algorithm

We’re going to be using modern JavaScript for this example which means we’re going to create an ES6 class for our encryption and decryption logic.

In the above example we are stating that we want to use an AES algorithm. Because we want to save to a file, we want to create a buffer from our plaintext data. Once we have an encrypted buffer, we can write to the file system and return a message.

You might be wondering why we’re creating a cipher within the function rather than once within the constructor method. After we call cipher.final() we are no longer able to use the cipher. Because of this, we’ll get strange results if we create a class variable for it and try to use it multiple times.

The above code will create a file called safe.dat that will be encrypted using the passphrase provided. The JavaScript object will be asynchronously encrypted and then decrypted after. The file will remain present on the hard drive in the end.

Conclusion

You just saw how to encrypt and decrypt data with the Node.js Crypto library. This is very useful if you need to encrypt sensitive data in a file for a local application. For example, let’s say we wanted to create an Electron application and store sensitive information. We could in this scenario.

Nic Raboy

Nic Raboy is an advocate of modern web and mobile development technologies. He has experience in Java, JavaScript, Golang and a variety of frameworks such as Angular, NativeScript, and Apache Cordova. Nic writes about his development experiences related to making web and mobile development easier to understand.